after following http://www.howtoforge.com/virtual_postfix_mysql_quota_courier I have a working mailserver, however I'd like to make sure that users can only send mail from one of thier aliases. I don't perticually care if they can or can't send form the E-mail address in the users table. I tried this setup, but it hasn't worked: After I authenticate I get an error: <[email protected]>: Sender address rejected: not owned by user [email protected], this error appears in thunderbird and my mail.log The [email protected] is forwarded to [email protected] in the forwardings table, I tested with telnet. What I did: in main.cf change Code: smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination to Code: smtpd_recipient_restrictions = permit_mynetworks, reject_authenticated_sender_login_mismatch, permit_sasl_authenticated, reject_unauth_destination add the line Code: smtpd_sender_login_maps = mysql:/etc/postfix/mysql_login_maps.cf and smtpd_sender_login_maps.cf contains Code: user = mail_read password = mail_read_password dbname = mail table = forwardings select_field = source where_field = destination hosts = 127.0.0.1 additional_conditions = and readonly = 0 (I created readonly myself, its a enum with 0 & 1 as options, users shouldn't be able to send from aliases that have 1 Postfix version 2.1.5
I got it working! Code: user = mail_read password = mail_read_password dbname = mail table = forwardings select_field = destination where_field = source hosts = 127.0.0.1 additional_conditions = and readonly = '0' since this is more a guidet then a question: I licence this guide under Creative Commons, permission is given to everybody (epsecilly falko) to modify, use, and redistribute alone or part of a bigger guide. If I misunderstood the terms of Creative Commons anything following the word permission takes precidence
I'm not quite sure if you can license code snippets like this one... Because then someone else could come and say "I license all Apache directives, and everyone who uses them has to pay". I'm no lawyer though, but my common sense tells me so. But you know about the relation between law and common sense...
I don't know much about law either, but my instinct said I'd ended up with a mini guide rather than a code snippet (btw I was talking about both posts), your guides were under creative commons, and I wanted to give you permission to add the contents of those two posts to your guide so creative commons seemed like logical thing. Although now you mention it I should have known better than to apply logic to law.
It applies to the writing, i.e., my wording, screenshots, etc., and not so much to the code or the commands.
Sorry to exhume this one... I understand rules described here as a security mechanism for senders. But question is - can the map table also be used to prevent spoofing of sender addresses of incoming mails? So that it blocks remote mails containing sender addresses of accounts managed on that server.
